OSINT for Opensource intelligence is a tool used to examine external threats of and organization. At Nmmapper(https://www.nmmapper.com) We have integrated this OSINT tool online for everyone to test it out at https://www.nmmapper.com/kalitools/theharvester/email-harvester-tool/online/
2. Features of theHarvester
• Names
• Email finder https://www.nmmapper.com/kalitools/theharvester/email-harvester-tool/online/
• Virtual host scanner
• Port scanner https://www.nmmapper.com/st/networkmapper/nmap/online-port-scanning/
• Ip address finder
• Subdomain takeover
• Subdomain finder https://www.nmmapper.com/sys/tools/subdomainfinder/
• Over 23+ public engine
• Proxy support
• URL
3. What is theHarvester
• theHarvester is a very simple to use, yet powerful and effective tool
designed to be used in the early statges of a
penetration test or red team engagement. Use it for open source
intelligence (OSINT) gathering to help determine a
company's external threat landscape on the internet. The tool gathers
emails, names, subdomains, IPs and URLs using
multiple public data sources.
4. Passive Public source used by theHarvester
• baidu: Baidu search engine
• bing: Microsoft search engine
• bingapi: Microsoft search engine, through the API (Requires an API key, see below.)
• Bufferoverun: Uses data from Rapid7's Project Sonar
• CertSpotter: Cert Spotter monitors Certificate Transparency logs
• crtsh: Comodo Certificate search
• dnsdumpster: DNSdumpster search engine - dnsdumpster.com
• dogpile: Dogpile search engine
• duckduckgo: DuckDuckGo search engine
• Exalead: a Meta search engine
• github-code: GitHub code search engine (Requires a GitHub Personal Access Token, see below.)
• google: Google search engine (Optional Google dorking.)
• hunter: Hunter search engine (Requires an API key, see below.)
• intelx: Intelx search engine (Requires an API key, see below.)
• linkedin: Google search engine, specific search for LinkedIn users
5. Passive public sources(CONTINUED)
• netcraft: Internet Security and Data Mining
•otx: AlienVault Open Threat Exchange - otx.alienvault.com
•securityTrails: Security Trails search engine, the world's largest repository of historical DNS data
(Requires an API key, see below.)
•shodan: Shodan search engine, will search for ports and banners from discovered hosts
•Spyse: Web research tools for professionals (Requires an API key.) - spyse.com
•Suip: Web research tools that can take over 10 minutes to run, but worth the wait - suip.biz
•threatcrowd: Open source threat intelligence
•trello: Search trello boards (Uses Google search.)
•twitter: Twitter accounts related to a specific domain (Uses Google search.)
•vhost: Bing virtual hosts search
•virustotal: virustotal.com domain search
•yahoo: Yahoo search engine